From fb2c1ba782a846e62dd575d53944a267ba9159fd Mon Sep 17 00:00:00 2001 From: Sergio Garcia <38561120+sergargar@users.noreply.github.com> Date: Tue, 16 Jul 2024 11:23:14 -0400 Subject: [PATCH] chore(v3): update latest changes from v4 (#4459) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Pedro Martín Co-authored-by: Rubén De la Torre Vico --- poetry.lock | 27 ++++------- .../providers/aws/aws_regions_by_service.json | 47 +++++++++---------- .../aws/services/glue/glue_service.py | 6 +-- .../iam_avoid_root_usage.py | 24 ++++------ .../iam_rotate_access_key_90_days.py | 23 ++++----- .../iam_user_accesskey_unused.py | 23 ++++----- ..._user_with_vm_access_has_mfa.metadata.json | 2 +- pyproject.toml | 1 + .../iam_avoid_root_usage_test.py | 28 +++++------ .../iam_rotate_access_key_90_days_test.py | 9 ++-- .../iam_user_accesskey_unused_test.py | 17 +++---- 11 files changed, 88 insertions(+), 119 deletions(-) diff --git a/poetry.lock b/poetry.lock index 3d9a91e16f8..a1a503ca946 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand. +# This file is automatically @generated by Poetry 1.8.2 and should not be changed by hand. [[package]] name = "about-time" @@ -3364,7 +3364,6 @@ files = [ {file = "PyYAML-6.0.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938"}, {file = "PyYAML-6.0.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d"}, {file = "PyYAML-6.0.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ba336e390cd8e4d1739f42dfe9bb83a3cc2e80f567d8805e11b46f4a943f5515"}, - {file = "PyYAML-6.0.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:326c013efe8048858a6d312ddd31d56e468118ad4cdeda36c719bf5bb6192290"}, {file = "PyYAML-6.0.1-cp310-cp310-win32.whl", hash = "sha256:bd4af7373a854424dabd882decdc5579653d7868b8fb26dc7d0e99f823aa5924"}, {file = "PyYAML-6.0.1-cp310-cp310-win_amd64.whl", hash = "sha256:fd1592b3fdf65fff2ad0004b5e363300ef59ced41c2e6b3a99d4089fa8c5435d"}, {file = "PyYAML-6.0.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007"}, @@ -3372,16 +3371,8 @@ files = [ {file = "PyYAML-6.0.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d"}, {file = "PyYAML-6.0.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc"}, {file = "PyYAML-6.0.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673"}, - {file = "PyYAML-6.0.1-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:e7d73685e87afe9f3b36c799222440d6cf362062f78be1013661b00c5c6f678b"}, {file = "PyYAML-6.0.1-cp311-cp311-win32.whl", hash = "sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741"}, {file = "PyYAML-6.0.1-cp311-cp311-win_amd64.whl", hash = "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34"}, - {file = "PyYAML-6.0.1-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:855fb52b0dc35af121542a76b9a84f8d1cd886ea97c84703eaa6d88e37a2ad28"}, - {file = "PyYAML-6.0.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:40df9b996c2b73138957fe23a16a4f0ba614f4c0efce1e9406a184b6d07fa3a9"}, - {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a08c6f0fe150303c1c6b71ebcd7213c2858041a7e01975da3a99aed1e7a378ef"}, - {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c22bec3fbe2524cde73d7ada88f6566758a8f7227bfbf93a408a9d86bcc12a0"}, - {file = "PyYAML-6.0.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8d4e9c88387b0f5c7d5f281e55304de64cf7f9c0021a3525bd3b1c542da3b0e4"}, - {file = "PyYAML-6.0.1-cp312-cp312-win32.whl", hash = "sha256:d483d2cdf104e7c9fa60c544d92981f12ad66a457afae824d146093b8c294c54"}, - {file = "PyYAML-6.0.1-cp312-cp312-win_amd64.whl", hash = "sha256:0d3304d8c0adc42be59c5f8a4d9e3d7379e6955ad754aa9d6ab7a398b59dd1df"}, {file = "PyYAML-6.0.1-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47"}, {file = "PyYAML-6.0.1-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98"}, {file = "PyYAML-6.0.1-cp36-cp36m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c"}, @@ -3398,7 +3389,6 @@ files = [ {file = "PyYAML-6.0.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5"}, {file = "PyYAML-6.0.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696"}, {file = "PyYAML-6.0.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735"}, - {file = "PyYAML-6.0.1-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:49a183be227561de579b4a36efbb21b3eab9651dd81b1858589f796549873dd6"}, {file = "PyYAML-6.0.1-cp38-cp38-win32.whl", hash = "sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206"}, {file = "PyYAML-6.0.1-cp38-cp38-win_amd64.whl", hash = "sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62"}, {file = "PyYAML-6.0.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8"}, @@ -3406,7 +3396,6 @@ files = [ {file = "PyYAML-6.0.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5773183b6446b2c99bb77e77595dd486303b4faab2b086e7b17bc6bef28865f6"}, {file = "PyYAML-6.0.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:b786eecbdf8499b9ca1d697215862083bd6d2a99965554781d0d8d1ad31e13a0"}, {file = "PyYAML-6.0.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bc1bf2925a1ecd43da378f4db9e4f799775d6367bdb94671027b73b393a7c42c"}, - {file = "PyYAML-6.0.1-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:04ac92ad1925b2cff1db0cfebffb6ffc43457495c9b3c39d3fcae417d7125dc5"}, {file = "PyYAML-6.0.1-cp39-cp39-win32.whl", hash = "sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c"}, {file = "PyYAML-6.0.1-cp39-cp39-win_amd64.whl", hash = "sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486"}, {file = "PyYAML-6.0.1.tar.gz", hash = "sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43"}, @@ -3782,24 +3771,24 @@ python-versions = ">=3.6" files = [ {file = "ruamel.yaml.clib-0.2.8-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:b42169467c42b692c19cf539c38d4602069d8c1505e97b86387fcf7afb766e1d"}, {file = "ruamel.yaml.clib-0.2.8-cp310-cp310-macosx_13_0_arm64.whl", hash = "sha256:07238db9cbdf8fc1e9de2489a4f68474e70dffcb32232db7c08fa61ca0c7c462"}, + {file = "ruamel.yaml.clib-0.2.8-cp310-cp310-manylinux2014_aarch64.whl", hash = "sha256:d92f81886165cb14d7b067ef37e142256f1c6a90a65cd156b063a43da1708cfd"}, {file = "ruamel.yaml.clib-0.2.8-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:fff3573c2db359f091e1589c3d7c5fc2f86f5bdb6f24252c2d8e539d4e45f412"}, - {file = "ruamel.yaml.clib-0.2.8-cp310-cp310-manylinux_2_24_aarch64.whl", hash = "sha256:aa2267c6a303eb483de8d02db2871afb5c5fc15618d894300b88958f729ad74f"}, {file = "ruamel.yaml.clib-0.2.8-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:840f0c7f194986a63d2c2465ca63af8ccbbc90ab1c6001b1978f05119b5e7334"}, {file = "ruamel.yaml.clib-0.2.8-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:024cfe1fc7c7f4e1aff4a81e718109e13409767e4f871443cbff3dba3578203d"}, {file = "ruamel.yaml.clib-0.2.8-cp310-cp310-win32.whl", hash = "sha256:c69212f63169ec1cfc9bb44723bf2917cbbd8f6191a00ef3410f5a7fe300722d"}, {file = "ruamel.yaml.clib-0.2.8-cp310-cp310-win_amd64.whl", hash = "sha256:cabddb8d8ead485e255fe80429f833172b4cadf99274db39abc080e068cbcc31"}, {file = "ruamel.yaml.clib-0.2.8-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:bef08cd86169d9eafb3ccb0a39edb11d8e25f3dae2b28f5c52fd997521133069"}, {file = "ruamel.yaml.clib-0.2.8-cp311-cp311-macosx_13_0_arm64.whl", hash = "sha256:b16420e621d26fdfa949a8b4b47ade8810c56002f5389970db4ddda51dbff248"}, + {file = "ruamel.yaml.clib-0.2.8-cp311-cp311-manylinux2014_aarch64.whl", hash = "sha256:b5edda50e5e9e15e54a6a8a0070302b00c518a9d32accc2346ad6c984aacd279"}, {file = "ruamel.yaml.clib-0.2.8-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:25c515e350e5b739842fc3228d662413ef28f295791af5e5110b543cf0b57d9b"}, - {file = "ruamel.yaml.clib-0.2.8-cp311-cp311-manylinux_2_24_aarch64.whl", hash = "sha256:1707814f0d9791df063f8c19bb51b0d1278b8e9a2353abbb676c2f685dee6afe"}, {file = "ruamel.yaml.clib-0.2.8-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:46d378daaac94f454b3a0e3d8d78cafd78a026b1d71443f4966c696b48a6d899"}, {file = "ruamel.yaml.clib-0.2.8-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:09b055c05697b38ecacb7ac50bdab2240bfca1a0c4872b0fd309bb07dc9aa3a9"}, {file = "ruamel.yaml.clib-0.2.8-cp311-cp311-win32.whl", hash = "sha256:53a300ed9cea38cf5a2a9b069058137c2ca1ce658a874b79baceb8f892f915a7"}, {file = "ruamel.yaml.clib-0.2.8-cp311-cp311-win_amd64.whl", hash = "sha256:c2a72e9109ea74e511e29032f3b670835f8a59bbdc9ce692c5b4ed91ccf1eedb"}, {file = "ruamel.yaml.clib-0.2.8-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:ebc06178e8821efc9692ea7544aa5644217358490145629914d8020042c24aa1"}, {file = "ruamel.yaml.clib-0.2.8-cp312-cp312-macosx_13_0_arm64.whl", hash = "sha256:edaef1c1200c4b4cb914583150dcaa3bc30e592e907c01117c08b13a07255ec2"}, + {file = "ruamel.yaml.clib-0.2.8-cp312-cp312-manylinux2014_aarch64.whl", hash = "sha256:7048c338b6c86627afb27faecf418768acb6331fc24cfa56c93e8c9780f815fa"}, {file = "ruamel.yaml.clib-0.2.8-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:d176b57452ab5b7028ac47e7b3cf644bcfdc8cacfecf7e71759f7f51a59e5c92"}, - {file = "ruamel.yaml.clib-0.2.8-cp312-cp312-manylinux_2_24_aarch64.whl", hash = "sha256:1dc67314e7e1086c9fdf2680b7b6c2be1c0d8e3a8279f2e993ca2a7545fecf62"}, {file = "ruamel.yaml.clib-0.2.8-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:3213ece08ea033eb159ac52ae052a4899b56ecc124bb80020d9bbceeb50258e9"}, {file = "ruamel.yaml.clib-0.2.8-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:aab7fd643f71d7946f2ee58cc88c9b7bfc97debd71dcc93e03e2d174628e7e2d"}, {file = "ruamel.yaml.clib-0.2.8-cp312-cp312-win32.whl", hash = "sha256:5c365d91c88390c8d0a8545df0b5857172824b1c604e867161e6b3d59a827eaa"}, @@ -3807,7 +3796,7 @@ files = [ {file = "ruamel.yaml.clib-0.2.8-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:a5aa27bad2bb83670b71683aae140a1f52b0857a2deff56ad3f6c13a017a26ed"}, {file = "ruamel.yaml.clib-0.2.8-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:c58ecd827313af6864893e7af0a3bb85fd529f862b6adbefe14643947cfe2942"}, {file = "ruamel.yaml.clib-0.2.8-cp37-cp37m-macosx_12_0_arm64.whl", hash = "sha256:f481f16baec5290e45aebdc2a5168ebc6d35189ae6fea7a58787613a25f6e875"}, - {file = "ruamel.yaml.clib-0.2.8-cp37-cp37m-manylinux_2_24_aarch64.whl", hash = "sha256:77159f5d5b5c14f7c34073862a6b7d34944075d9f93e681638f6d753606c6ce6"}, + {file = "ruamel.yaml.clib-0.2.8-cp37-cp37m-manylinux2014_aarch64.whl", hash = "sha256:3fcc54cb0c8b811ff66082de1680b4b14cf8a81dce0d4fbf665c2265a81e07a1"}, {file = "ruamel.yaml.clib-0.2.8-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:7f67a1ee819dc4562d444bbafb135832b0b909f81cc90f7aa00260968c9ca1b3"}, {file = "ruamel.yaml.clib-0.2.8-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:4ecbf9c3e19f9562c7fdd462e8d18dd902a47ca046a2e64dba80699f0b6c09b7"}, {file = "ruamel.yaml.clib-0.2.8-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:87ea5ff66d8064301a154b3933ae406b0863402a799b16e4a1d24d9fbbcbe0d3"}, @@ -3815,7 +3804,7 @@ files = [ {file = "ruamel.yaml.clib-0.2.8-cp37-cp37m-win_amd64.whl", hash = "sha256:3f215c5daf6a9d7bbed4a0a4f760f3113b10e82ff4c5c44bec20a68c8014f675"}, {file = "ruamel.yaml.clib-0.2.8-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:1b617618914cb00bf5c34d4357c37aa15183fa229b24767259657746c9077615"}, {file = "ruamel.yaml.clib-0.2.8-cp38-cp38-macosx_12_0_arm64.whl", hash = "sha256:a6a9ffd280b71ad062eae53ac1659ad86a17f59a0fdc7699fd9be40525153337"}, - {file = "ruamel.yaml.clib-0.2.8-cp38-cp38-manylinux_2_24_aarch64.whl", hash = "sha256:305889baa4043a09e5b76f8e2a51d4ffba44259f6b4c72dec8ca56207d9c6fe1"}, + {file = "ruamel.yaml.clib-0.2.8-cp38-cp38-manylinux2014_aarch64.whl", hash = "sha256:665f58bfd29b167039f714c6998178d27ccd83984084c286110ef26b230f259f"}, {file = "ruamel.yaml.clib-0.2.8-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:700e4ebb569e59e16a976857c8798aee258dceac7c7d6b50cab63e080058df91"}, {file = "ruamel.yaml.clib-0.2.8-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:e2b4c44b60eadec492926a7270abb100ef9f72798e18743939bdbf037aab8c28"}, {file = "ruamel.yaml.clib-0.2.8-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:e79e5db08739731b0ce4850bed599235d601701d5694c36570a99a0c5ca41a9d"}, @@ -3823,7 +3812,7 @@ files = [ {file = "ruamel.yaml.clib-0.2.8-cp38-cp38-win_amd64.whl", hash = "sha256:56f4252222c067b4ce51ae12cbac231bce32aee1d33fbfc9d17e5b8d6966c312"}, {file = "ruamel.yaml.clib-0.2.8-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:03d1162b6d1df1caa3a4bd27aa51ce17c9afc2046c31b0ad60a0a96ec22f8001"}, {file = "ruamel.yaml.clib-0.2.8-cp39-cp39-macosx_12_0_arm64.whl", hash = "sha256:bba64af9fa9cebe325a62fa398760f5c7206b215201b0ec825005f1b18b9bccf"}, - {file = "ruamel.yaml.clib-0.2.8-cp39-cp39-manylinux_2_24_aarch64.whl", hash = "sha256:a1a45e0bb052edf6a1d3a93baef85319733a888363938e1fc9924cb00c8df24c"}, + {file = "ruamel.yaml.clib-0.2.8-cp39-cp39-manylinux2014_aarch64.whl", hash = "sha256:9eb5dee2772b0f704ca2e45b1713e4e5198c18f515b52743576d196348f374d3"}, {file = "ruamel.yaml.clib-0.2.8-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:da09ad1c359a728e112d60116f626cc9f29730ff3e0e7db72b9a2dbc2e4beed5"}, {file = "ruamel.yaml.clib-0.2.8-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:184565012b60405d93838167f425713180b949e9d8dd0bbc7b49f074407c5a8b"}, {file = "ruamel.yaml.clib-0.2.8-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:a75879bacf2c987c003368cf14bed0ffe99e8e85acfa6c0bfffc21a090f16880"}, @@ -4509,4 +4498,4 @@ testing = ["big-O", "jaraco.functools", "jaraco.itertools", "jaraco.test", "more [metadata] lock-version = "2.0" python-versions = ">=3.9,<3.13" -content-hash = "e472800082e48632c7cfdeb46e1710cf709d6090f149d0ecc1230447882255b6" +content-hash = "3881b2a14856873e4ac8f70037a9758bb66bfe060d006834c332f4fe5f568d1b" diff --git a/prowler/providers/aws/aws_regions_by_service.json b/prowler/providers/aws/aws_regions_by_service.json index 64998767814..90d093119bb 100644 --- a/prowler/providers/aws/aws_regions_by_service.json +++ b/prowler/providers/aws/aws_regions_by_service.json @@ -1324,6 +1324,7 @@ "ap-southeast-3", "ap-southeast-4", "ca-central-1", + "ca-west-1", "eu-central-1", "eu-central-2", "eu-north-1", @@ -2264,6 +2265,7 @@ "regions": { "aws": [ "af-south-1", + "ap-east-1", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", @@ -2274,6 +2276,7 @@ "ap-southeast-3", "ap-southeast-4", "ca-central-1", + "ca-west-1", "eu-central-1", "eu-central-2", "eu-north-1", @@ -2301,6 +2304,7 @@ "regions": { "aws": [ "af-south-1", + "ap-east-1", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", @@ -2311,6 +2315,7 @@ "ap-southeast-3", "ap-southeast-4", "ca-central-1", + "ca-west-1", "eu-central-1", "eu-central-2", "eu-north-1", @@ -2340,6 +2345,7 @@ "regions": { "aws": [ "af-south-1", + "ap-east-1", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", @@ -2350,6 +2356,7 @@ "ap-southeast-3", "ap-southeast-4", "ca-central-1", + "ca-west-1", "eu-central-1", "eu-central-2", "eu-north-1", @@ -5065,22 +5072,6 @@ ] } }, - "importexport": { - "regions": { - "aws": [ - "ap-southeast-1", - "eu-west-1", - "us-east-1", - "us-west-1", - "us-west-2" - ], - "aws-cn": [ - "cn-north-1", - "cn-northwest-1" - ], - "aws-us-gov": [] - } - }, "inspector": { "regions": { "aws": [ @@ -7040,16 +7031,6 @@ "aws-us-gov": [] } }, - "mobile": { - "regions": { - "aws": [ - "us-east-1", - "us-west-2" - ], - "aws-cn": [], - "aws-us-gov": [] - } - }, "monitron": { "regions": { "aws": [ @@ -7120,16 +7101,25 @@ "ap-east-1", "ap-northeast-1", "ap-northeast-2", + "ap-northeast-3", "ap-south-1", + "ap-south-2", "ap-southeast-1", "ap-southeast-2", + "ap-southeast-3", + "ap-southeast-4", "ca-central-1", + "ca-west-1", "eu-central-1", + "eu-central-2", "eu-north-1", "eu-south-1", + "eu-south-2", "eu-west-1", "eu-west-2", "eu-west-3", + "il-central-1", + "me-central-1", "me-south-1", "sa-east-1", "us-east-1", @@ -7836,6 +7826,7 @@ "ap-southeast-3", "ap-southeast-4", "ca-central-1", + "ca-west-1", "eu-central-1", "eu-central-2", "eu-north-1", @@ -9980,6 +9971,7 @@ "ap-southeast-3", "ap-southeast-4", "ca-central-1", + "ca-west-1", "eu-central-1", "eu-central-2", "eu-north-1", @@ -10997,9 +10989,12 @@ "wickr": { "regions": { "aws": [ + "ap-northeast-1", + "ap-southeast-1", "ap-southeast-2", "ca-central-1", "eu-central-1", + "eu-north-1", "eu-west-2", "us-east-1" ], diff --git a/prowler/providers/aws/services/glue/glue_service.py b/prowler/providers/aws/services/glue/glue_service.py index b5964ce31ef..d9f455afd71 100644 --- a/prowler/providers/aws/services/glue/glue_service.py +++ b/prowler/providers/aws/services/glue/glue_service.py @@ -42,9 +42,9 @@ def __get_connections__(self, regional_client): self.connections.append( Connection( arn=arn, - name=conn["Name"], - type=conn["ConnectionType"], - properties=conn["ConnectionProperties"], + name=conn.get("Name", ""), + type=conn.get("ConnectionType", ""), + properties=conn.get("ConnectionProperties", {}), region=regional_client.region, ) ) diff --git a/prowler/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage.py b/prowler/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage.py index 59f1ecbec58..00f9bdcf122 100644 --- a/prowler/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage.py +++ b/prowler/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage.py @@ -1,5 +1,8 @@ import datetime +import pytz +from dateutil import parser + from prowler.lib.check.models import Check, Check_Report_AWS from prowler.providers.aws.services.iam.iam_client import iam_client @@ -24,27 +27,18 @@ def execute(self) -> Check_Report_AWS: ): if user["password_last_used"] != "no_information": days_since_accessed = ( - datetime.datetime.now() - - datetime.datetime.strptime( - user["password_last_used"], - "%Y-%m-%dT%H:%M:%S+00:00", - ) + datetime.datetime.now(pytz.utc) + - parser.parse(user["password_last_used"]) ).days elif user["access_key_1_last_used_date"] != "N/A": days_since_accessed = ( - datetime.datetime.now() - - datetime.datetime.strptime( - user["access_key_1_last_used_date"], - "%Y-%m-%dT%H:%M:%S+00:00", - ) + datetime.datetime.now(pytz.utc) + - parser.parse(user["access_key_1_last_used_date"]) ).days elif user["access_key_2_last_used_date"] != "N/A": days_since_accessed = ( - datetime.datetime.now() - - datetime.datetime.strptime( - user["access_key_2_last_used_date"], - "%Y-%m-%dT%H:%M:%S+00:00", - ) + datetime.datetime.now(pytz.utc) + - parser.parse(user["access_key_2_last_used_date"]) ).days if maximum_access_days >= days_since_accessed: report.status = "FAIL" diff --git a/prowler/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days.py b/prowler/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days.py index b23cd4798fa..cc7b3bfbe70 100644 --- a/prowler/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days.py +++ b/prowler/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days.py @@ -1,5 +1,8 @@ import datetime +import pytz +from dateutil import parser + from prowler.lib.check.models import Check, Check_Report_AWS from prowler.providers.aws.services.iam.iam_client import iam_client @@ -32,13 +35,9 @@ def execute(self) -> Check_Report_AWS: user["access_key_1_last_rotated"] != "N/A" and user["access_key_1_active"] == "true" ): - access_key_1_last_rotated = ( - datetime.datetime.now() - - datetime.datetime.strptime( - user["access_key_1_last_rotated"], - "%Y-%m-%dT%H:%M:%S+00:00", - ) - ) + access_key_1_last_rotated = datetime.datetime.now( + pytz.utc + ) - parser.parse(user["access_key_1_last_rotated"]) if access_key_1_last_rotated.days > maximum_expiration_days: old_access_keys = True report = Check_Report_AWS(self.metadata()) @@ -52,13 +51,9 @@ def execute(self) -> Check_Report_AWS: user["access_key_2_last_rotated"] != "N/A" and user["access_key_2_active"] == "true" ): - access_key_2_last_rotated = ( - datetime.datetime.now() - - datetime.datetime.strptime( - user["access_key_2_last_rotated"], - "%Y-%m-%dT%H:%M:%S+00:00", - ) - ) + access_key_2_last_rotated = datetime.datetime.now( + pytz.utc + ) - parser.parse(user["access_key_2_last_rotated"]) if access_key_2_last_rotated.days > maximum_expiration_days: old_access_keys = True report = Check_Report_AWS(self.metadata()) diff --git a/prowler/providers/aws/services/iam/iam_user_accesskey_unused/iam_user_accesskey_unused.py b/prowler/providers/aws/services/iam/iam_user_accesskey_unused/iam_user_accesskey_unused.py index 5c8c948daa8..5463585bc08 100644 --- a/prowler/providers/aws/services/iam/iam_user_accesskey_unused/iam_user_accesskey_unused.py +++ b/prowler/providers/aws/services/iam/iam_user_accesskey_unused/iam_user_accesskey_unused.py @@ -1,5 +1,8 @@ import datetime +import pytz +from dateutil import parser + from prowler.lib.check.models import Check, Check_Report_AWS from prowler.providers.aws.services.iam.iam_client import iam_client @@ -29,13 +32,9 @@ def execute(self) -> Check_Report_AWS: old_access_keys = False if user["access_key_1_active"] == "true": if user["access_key_1_last_used_date"] != "N/A": - access_key_1_last_used_date = ( - datetime.datetime.now() - - datetime.datetime.strptime( - user["access_key_1_last_used_date"], - "%Y-%m-%dT%H:%M:%S+00:00", - ) - ) + access_key_1_last_used_date = datetime.datetime.now( + pytz.utc + ) - parser.parse(user["access_key_1_last_used_date"]) if access_key_1_last_used_date.days > maximum_expiration_days: old_access_keys = True report = Check_Report_AWS(self.metadata()) @@ -48,13 +47,9 @@ def execute(self) -> Check_Report_AWS: if user["access_key_2_active"] == "true": if user["access_key_2_last_used_date"] != "N/A": - access_key_2_last_used_date = ( - datetime.datetime.now() - - datetime.datetime.strptime( - user["access_key_2_last_used_date"], - "%Y-%m-%dT%H:%M:%S+00:00", - ) - ) + access_key_2_last_used_date = datetime.datetime.now( + pytz.utc + ) - parser.parse(user["access_key_2_last_used_date"]) if access_key_2_last_used_date.days > maximum_expiration_days: old_access_keys = True report = Check_Report_AWS(self.metadata()) diff --git a/prowler/providers/azure/services/entra/entra_user_with_vm_access_has_mfa/entra_user_with_vm_access_has_mfa.metadata.json b/prowler/providers/azure/services/entra/entra_user_with_vm_access_has_mfa/entra_user_with_vm_access_has_mfa.metadata.json index e1eb406681b..c892b562c26 100644 --- a/prowler/providers/azure/services/entra/entra_user_with_vm_access_has_mfa/entra_user_with_vm_access_has_mfa.metadata.json +++ b/prowler/providers/azure/services/entra/entra_user_with_vm_access_has_mfa/entra_user_with_vm_access_has_mfa.metadata.json @@ -3,7 +3,7 @@ "CheckID": "entra_user_with_vm_access_has_mfa", "CheckTitle": "Ensure only MFA enabled identities can access privileged Virtual Machine", "CheckType": [], - "ServiceName": "iam", + "ServiceName": "entra", "SubServiceName": "", "ResourceIdTemplate": "", "Severity": "medium", diff --git a/pyproject.toml b/pyproject.toml index ad50d6d7cbf..ff600ae6c28 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -56,6 +56,7 @@ microsoft-kiota-abstractions = "1.3.3" msgraph-sdk = "1.5.2" pydantic = "1.10.17" python = ">=3.9,<3.13" +python-dateutil = "^2.9.0.post0" pytz = "2024.1" requests = "2.32.3" schema = "0.7.7" diff --git a/tests/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage_test.py b/tests/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage_test.py index b27f615bb61..a432d9faeb6 100644 --- a/tests/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage_test.py +++ b/tests/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage_test.py @@ -15,7 +15,7 @@ class Test_iam_avoid_root_usage: @mock_aws def test_root_not_used(self): raw_credential_report = r"""user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated -,arn:aws:iam::123456789012:,2022-04-17T14:59:38+00:00,true,no_information,not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" +,arn:aws:iam::123456789012:,2022-04-17T14:59:38Z,true,no_information,not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" credential_lines = raw_credential_report.split("\n") csv_reader = DictReader(credential_lines, delimiter=",") credential_list = list(csv_reader) @@ -51,11 +51,9 @@ def test_root_not_used(self): @mock_aws def test_root_password_recently_used(self): - password_last_used = (datetime.datetime.now()).strftime( - "%Y-%m-%dT%H:%M:%S+00:00" - ) + password_last_used = (datetime.datetime.now()).strftime("%Y-%m-%dT%H:%M:%SZ") raw_credential_report = rf"""user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated -,arn:aws:iam::123456789012:,2022-04-17T14:59:38+00:00,true,{password_last_used},not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" +,arn:aws:iam::123456789012:,2022-04-17T14:59:38Z,true,{password_last_used},not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" credential_lines = raw_credential_report.split("\n") csv_reader = DictReader(credential_lines, delimiter=",") credential_list = list(csv_reader) @@ -92,10 +90,10 @@ def test_root_password_recently_used(self): @mock_aws def test_root_access_key_1_recently_used(self): access_key_1_last_used = (datetime.datetime.now()).strftime( - "%Y-%m-%dT%H:%M:%S+00:00" + "%Y-%m-%dT%H:%M:%SZ" ) raw_credential_report = rf"""user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated -,arn:aws:iam::123456789012:,2022-04-17T14:59:38+00:00,true,no_information,not_supported,not_supported,false,true,N/A,{access_key_1_last_used},N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" +,arn:aws:iam::123456789012:,2022-04-17T14:59:38Z,true,no_information,not_supported,not_supported,false,true,N/A,{access_key_1_last_used},N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" credential_lines = raw_credential_report.split("\n") csv_reader = DictReader(credential_lines, delimiter=",") credential_list = list(csv_reader) @@ -132,10 +130,10 @@ def test_root_access_key_1_recently_used(self): @mock_aws def test_root_access_key_2_recently_used(self): access_key_2_last_used = (datetime.datetime.now()).strftime( - "%Y-%m-%dT%H:%M:%S+00:00" + "%Y-%m-%dT%H:%M:%SZ" ) raw_credential_report = rf"""user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated -,arn:aws:iam::123456789012:,2022-04-17T14:59:38+00:00,true,no_information,not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,{access_key_2_last_used},N/A,N/A,false,N/A,false,N/A""" +,arn:aws:iam::123456789012:,2022-04-17T14:59:38Z,true,no_information,not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,{access_key_2_last_used},N/A,N/A,false,N/A,false,N/A""" credential_lines = raw_credential_report.split("\n") csv_reader = DictReader(credential_lines, delimiter=",") credential_list = list(csv_reader) @@ -173,9 +171,9 @@ def test_root_access_key_2_recently_used(self): def test_root_password_used(self): password_last_used = ( datetime.datetime.now() - datetime.timedelta(days=100) - ).strftime("%Y-%m-%dT%H:%M:%S+00:00") + ).strftime("%Y-%m-%dT%H:%M:%SZ") raw_credential_report = rf"""user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated -,arn:aws:iam::123456789012:,2022-04-17T14:59:38+00:00,true,{password_last_used},not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" +,arn:aws:iam::123456789012:,2022-04-17T14:59:38Z,true,{password_last_used},not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" credential_lines = raw_credential_report.split("\n") csv_reader = DictReader(credential_lines, delimiter=",") credential_list = list(csv_reader) @@ -213,9 +211,9 @@ def test_root_password_used(self): def test_root_access_key_1_used(self): access_key_1_last_used = ( datetime.datetime.now() - datetime.timedelta(days=100) - ).strftime("%Y-%m-%dT%H:%M:%S+00:00") + ).strftime("%Y-%m-%dT%H:%M:%SZ") raw_credential_report = rf"""user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated -,arn:aws:iam::123456789012:,2022-04-17T14:59:38+00:00,true,no_information,not_supported,not_supported,false,true,N/A,{access_key_1_last_used},N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" +,arn:aws:iam::123456789012:,2022-04-17T14:59:38Z,true,no_information,not_supported,not_supported,false,true,N/A,{access_key_1_last_used},N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A""" credential_lines = raw_credential_report.split("\n") csv_reader = DictReader(credential_lines, delimiter=",") credential_list = list(csv_reader) @@ -253,9 +251,9 @@ def test_root_access_key_1_used(self): def test_root_access_key_2_used(self): access_key_2_last_used = ( datetime.datetime.now() - datetime.timedelta(days=100) - ).strftime("%Y-%m-%dT%H:%M:%S+00:00") + ).strftime("%Y-%m-%dT%H:%M:%SZ") raw_credential_report = rf"""user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated -,arn:aws:iam::123456789012:,2022-04-17T14:59:38+00:00,true,no_information,not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,{access_key_2_last_used},N/A,N/A,false,N/A,false,N/A""" +,arn:aws:iam::123456789012:,2022-04-17T14:59:38Z,true,no_information,not_supported,not_supported,false,true,N/A,N/A,N/A,N/A,false,N/A,{access_key_2_last_used},N/A,N/A,false,N/A,false,N/A""" credential_lines = raw_credential_report.split("\n") csv_reader = DictReader(credential_lines, delimiter=",") credential_list = list(csv_reader) diff --git a/tests/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days_test.py b/tests/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days_test.py index f0e7e1200a2..516950fda5d 100644 --- a/tests/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days_test.py +++ b/tests/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days_test.py @@ -1,6 +1,7 @@ import datetime from unittest import mock +import pytz from boto3 import client from moto import mock_aws @@ -49,7 +50,7 @@ def test_user_no_access_keys(self): @mock_aws def test_user_access_key_1_not_rotated(self): credentials_last_rotated = ( - datetime.datetime.now() - datetime.timedelta(days=100) + datetime.datetime.now(pytz.utc) - datetime.timedelta(days=100) ).strftime("%Y-%m-%dT%H:%M:%S+00:00") iam_client = client("iam") user = "test-user" @@ -90,7 +91,7 @@ def test_user_access_key_1_not_rotated(self): @mock_aws def test_user_access_key_2_not_rotated(self): credentials_last_rotated = ( - datetime.datetime.now() - datetime.timedelta(days=100) + datetime.datetime.now(pytz.utc) - datetime.timedelta(days=100) ).strftime("%Y-%m-%dT%H:%M:%S+00:00") iam_client = client("iam") user = "test-user" @@ -131,7 +132,7 @@ def test_user_access_key_2_not_rotated(self): @mock_aws def test_user_both_access_keys_not_rotated(self): credentials_last_rotated = ( - datetime.datetime.now() - datetime.timedelta(days=100) + datetime.datetime.now(pytz.utc) - datetime.timedelta(days=100) ).strftime("%Y-%m-%dT%H:%M:%S+00:00") iam_client = client("iam") user = "test-user" @@ -185,7 +186,7 @@ def test_user_both_access_keys_not_rotated(self): @mock_aws def test_user_both_access_keys_rotated(self): credentials_last_rotated = ( - datetime.datetime.now() - datetime.timedelta(days=10) + datetime.datetime.now(pytz.utc) - datetime.timedelta(days=10) ).strftime("%Y-%m-%dT%H:%M:%S+00:00") iam_client = client("iam") user = "test-user" diff --git a/tests/providers/aws/services/iam/iam_user_accesskey_unused/iam_user_accesskey_unused_test.py b/tests/providers/aws/services/iam/iam_user_accesskey_unused/iam_user_accesskey_unused_test.py index 78b9a9651ea..fd5a1bc3e90 100644 --- a/tests/providers/aws/services/iam/iam_user_accesskey_unused/iam_user_accesskey_unused_test.py +++ b/tests/providers/aws/services/iam/iam_user_accesskey_unused/iam_user_accesskey_unused_test.py @@ -1,6 +1,7 @@ import datetime from unittest import mock +import pytz from boto3 import client from moto import mock_aws @@ -60,8 +61,8 @@ def test_user_no_access_keys(self): @mock_aws def test_user_access_key_1_not_used(self): credentials_last_rotated = ( - datetime.datetime.now() - datetime.timedelta(days=100) - ).strftime("%Y-%m-%dT%H:%M:%S+00:00") + datetime.datetime.now(pytz.utc) - datetime.timedelta(days=100) + ).strftime("%Y-%m-%dT%H:%M:%SZ") iam_client = client("iam") user = "test-user" arn = iam_client.create_user(UserName=user)["User"]["Arn"] @@ -104,8 +105,8 @@ def test_user_access_key_1_not_used(self): @mock_aws def test_user_access_key_2_not_used(self): credentials_last_rotated = ( - datetime.datetime.now() - datetime.timedelta(days=100) - ).strftime("%Y-%m-%dT%H:%M:%S+00:00") + datetime.datetime.now(pytz.utc) - datetime.timedelta(days=100) + ).strftime("%Y-%m-%dT%H:%M:%SZ") iam_client = client("iam") user = "test-user" arn = iam_client.create_user(UserName=user)["User"]["Arn"] @@ -148,8 +149,8 @@ def test_user_access_key_2_not_used(self): @mock_aws def test_user_both_access_keys_not_used(self): credentials_last_rotated = ( - datetime.datetime.now() - datetime.timedelta(days=100) - ).strftime("%Y-%m-%dT%H:%M:%S+00:00") + datetime.datetime.now(pytz.utc) - datetime.timedelta(days=100) + ).strftime("%Y-%m-%dT%H:%M:%SZ") iam_client = client("iam") user = "test-user" arn = iam_client.create_user(UserName=user)["User"]["Arn"] @@ -206,8 +207,8 @@ def test_user_both_access_keys_not_used(self): @mock_aws def test_user_both_access_keys_used(self): credentials_last_rotated = ( - datetime.datetime.now() - datetime.timedelta(days=10) - ).strftime("%Y-%m-%dT%H:%M:%S+00:00") + datetime.datetime.now(pytz.utc) - datetime.timedelta(days=10) + ).strftime("%Y-%m-%dT%H:%M:%SZ") iam_client = client("iam") user = "test-user" arn = iam_client.create_user(UserName=user)["User"]["Arn"]